Prosím o kontrolu logu, pomalý start pc ...

Zpráva

pethol · #1 Příspěvek od **pethol** » 19 bře 2010 15:35

Logfile of random's system information tool 1.06 (written by random/random)
Run by xxx at 2010-03-19 15:32:42
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (18%) free of 38 GB
Total RAM: 511 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:33:35, on 19.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\DATA\updldr0.bin
C:\Documents and Settings\xxx\Plocha\RSIT.exe
C:\Program Files\trend micro\xxx.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 7093 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2009-05-18 1039000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-12 339968]
"ZCfgSvc.exe"=C:\WINDOWS\system32\ZCfgSvc.exe [2006-08-03 639040]
"PRONoMgr.exe"=C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe [2005-07-07 135168]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"D-Link AirPlus G"=C:\Program Files\D-Link\AirPlus G\AirGCFG.exe [2006-11-17 1552384]
"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2006-06-29 49152]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2010-03-01 524632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2009-05-18 411288]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-03-01 3037696]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\xxx\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-11-08 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
C:\WINDOWS\system32\LgNotify.dll [2006-08-03 188482]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-17 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Documents and Settings\xxx\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\xxx\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-03-19 15:32:46 ----D---- C:\Program Files\trend micro
2010-03-19 15:32:42 ----D---- C:\rsit
2010-03-17 17:35:51 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-14 22:56:54 ----D---- C:\Documents and Settings\xxx\Data aplikací\dvdcss
2010-03-13 19:54:41 ----D---- C:\Documents and Settings\xxx\Data aplikací\vlc
2010-03-13 19:52:43 ----D---- C:\Program Files\VideoLAN
2010-03-12 23:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-01 20:02:54 ----D---- C:\Documents and Settings\xxx\Data aplikací\Spyware Terminator
2010-03-01 20:02:43 ----D---- C:\Program Files\Spyware Terminator
2010-03-01 20:02:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-02-24 07:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-20 10:56:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Boss Media
2010-02-20 10:54:52 ----D---- C:\Program Files\ParadisePoker

======List of files/folders modified in the last 1 months======

2010-03-19 15:32:46 ----RD---- C:\Program Files
2010-03-19 15:32:37 ----D---- C:\WINDOWS\Prefetch
2010-03-19 15:28:24 ----D---- C:\WINDOWS\Temp
2010-03-19 15:26:47 ----D---- C:\Program Files\Mozilla Firefox
2010-03-19 15:24:12 ----D---- C:\WINDOWS
2010-03-19 15:19:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-19 14:15:10 ----D---- C:\WINDOWS\Debug
2010-03-19 14:15:09 ----D---- C:\WINDOWS\Minidump
2010-03-18 15:57:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-18 14:48:43 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-17 21:08:02 ----HD---- C:\WINDOWS\inf
2010-03-17 21:08:02 ----D---- C:\WINDOWS\system32
2010-03-14 01:05:05 ----D---- C:\Documents and Settings\xxx\Data aplikací\uTorrent
2010-03-12 23:09:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-12 23:09:59 ----D---- C:\Program Files\Movie Maker
2010-03-12 23:09:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-06 10:37:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-01 20:02:59 ----D---- C:\WINDOWS\system32\drivers
2010-02-24 22:40:23 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-18 17801]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-03 10970]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-08-22 98752]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-08 786944]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-10-31 165760]
R3 EMCR;EMCR; C:\WINDOWS\system32\DRIVERS\EMCR7SK.sys [2004-11-08 72064]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2005-11-03 245504]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-10-24 35913]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-11-04 519168]
R3 TOSHIBASoftModem;TOSHIBA Software Modem; C:\WINDOWS\system32\DRIVERS\LTSM.sys [2002-09-17 809872]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w70n51;Intel(R) PRO/Wireless 7100 Adapter Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w70n51.sys [2006-07-13 674560]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-08 389120]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-01 1029456]
R2 RegSrvc;RegSrvc; C:\WINDOWS\system32\RegSrvc.exe [2006-08-03 122880]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\system32\S24EvMon.exe [2006-08-03 426051]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-07-15 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-03-01 488960]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2006-07-03 49152]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-12-21 74360]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [2003-04-29 139264]
S3 p2pgasvc;Ověřování v síti skupiny rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 p2pimsvc;Správce identit sítě rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 p2psvc;Síť rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 PNRPSvc;Protokol PNRP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 19 bře 2010 15:36

Zdravím

Na logu se pracuje, prosím o strpení.

#3 Příspěvek od **Caroprd111** » 19 bře 2010 15:39

Odinstalujte Ad-Aware.

Obrázek

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Obrázek

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte program, poté klikněte na Run Scan
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

pethol · #4 Příspěvek od **pethol** » 19 bře 2010 15:52

smazáno, scanuju

#5 Příspěvek od **Caroprd111** » 19 bře 2010 15:53

pethol · #6 Příspěvek od **pethol** » 19 bře 2010 16:01

OTL Extras logfile created on: 19.3.2010 15:51:04 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 185,00 Mb Available Physical Memory | 36,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 7,06 Gb Free Space | 18,94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YYY-01F38B89B5A
Current User Name: xxx
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Skupiny sítě Peer-to-Peer
"3540:UDP" = 3540:UDP:*:Enabled:Protokol PNRP (Peer Name Resolution Protocol)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3587:TCP" = 3587:TCP:*:Enabled:Skupiny sítě Peer-to-Peer
"3540:UDP" = 3540:UDP:*:Enabled:Protokol PNRP (Peer Name Resolution Protocol)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Documents and Settings\xxx\Data aplikací\uTorrent\utorrent.exe" = C:\Documents and Settings\xxx\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460" = Canon MP460
"{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{53AFF171-481D-64FA-0DA4-1CA0ABF01029}" = Nero 7 Demo
"{5783F2D7-0301-0405-0002-0060B0CE6BBA}" = AutoCAD 2005 - Český
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{74C9DFA1-338F-4bf3-B317-99A9EC8EF9A6}" = Intel(R) PROSet
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"avast!" = avast! Antivirus
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.0.2
"HijackThis" = HijackThis 2.0.2
"IZArc 3.4.1.3_is1" = IZArc 3.4.1.3
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.18)" = Mozilla Firefox (3.0.18)
"ParadisePoker" = ParadisePoker
"PROSet" = Intel(R) PRO Network Connections Drivers
"Spyware Terminator_is1" = Spyware Terminator
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"VLC media player" = VLC media player 1.0.3

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 5.1.2009 12:35:37 | Computer Name = YYY-01F38B89B5A | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: AavmStart: avworkInitialize failed, 0000A438.

Error - 5.1.2009 12:37:38 | Computer Name = YYY-01F38B89B5A | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: AavmStart: avworkInitialize failed, 0000A438.

Error - 5.1.2009 12:52:26 | Computer Name = YYY-01F38B89B5A | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: AavmStart: avworkInitialize failed, 0000A438.

Error - 5.1.2009 12:55:27 | Computer Name = YYY-01F38B89B5A | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: AavmStart: avworkInitialize failed, 0000A438.

Error - 18.3.2010 14:10:44 | Computer Name = YYY-01F38B89B5A | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\WINDOWS\system32\drivers\kmixer.sys failed, 0000A413.

[ Application Events ]
Error - 7.9.2009 15:06:35 | Computer Name = YYY-01F38B89B5A | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe, verze 5.1.2600.2180, chybující modul
kernel32.dll, verze 5.1.2600.3541, adresa chyby 0x00009793.

Error - 10.9.2009 13:22:02 | Computer Name = YYY-01F38B89B5A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace acad.exe, verze 22.1.63.15, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.10.2009 14:19:15 | Computer Name = YYY-01F38B89B5A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.11.2009 1:36:56 | Computer Name = YYY-01F38B89B5A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace EXCEL.EXE, verze 10.0.2701.12, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.11.2009 18:23:10 | Computer Name = YYY-01F38B89B5A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 10.0.2627.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.11.2009 18:23:10 | Computer Name = YYY-01F38B89B5A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 10.0.2627.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.11.2009 18:23:34 | Computer Name = YYY-01F38B89B5A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 10.0.2627.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.11.2009 17:45:48 | Computer Name = YYY-01F38B89B5A | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
flash.ocx, verze 7.0.19.0, adresa chyby 0x00001868.

[ System Events ]
Error - 14.3.2010 13:35:58 | Computer Name = YYY-01F38B89B5A | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 17.3.2010 14:08:26 | Computer Name = YYY-01F38B89B5A | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {EF050F9B-0C10-43C4-A467-E9BED3998E8F}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 17.3.2010 14:08:31 | Computer Name = YYY-01F38B89B5A | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 17.3.2010 16:06:53 | Computer Name = YYY-01F38B89B5A | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {EF050F9B-0C10-43C4-A467-E9BED3998E8F}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 17.3.2010 16:06:59 | Computer Name = YYY-01F38B89B5A | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 18.3.2010 9:32:48 | Computer Name = YYY-01F38B89B5A | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {EF050F9B-0C10-43C4-A467-E9BED3998E8F}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 18.3.2010 9:45:06 | Computer Name = YYY-01F38B89B5A | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {EF050F9B-0C10-43C4-A467-E9BED3998E8F}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 18.3.2010 10:15:30 | Computer Name = YYY-01F38B89B5A | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {EF050F9B-0C10-43C4-A467-E9BED3998E8F}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 18.3.2010 14:10:37 | Computer Name = YYY-01F38B89B5A | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {1AF29358-B0CC-41A0-815A-8F08428DF50B}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 18.3.2010 16:46:17 | Computer Name = YYY-01F38B89B5A | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {1AF29358-B0CC-41A0-815A-8F08428DF50B}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

< End of report >

pethol · #7 Příspěvek od **pethol** » 19 bře 2010 16:02

OTL logfile created on: 19.3.2010 15:51:04 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 185,00 Mb Available Physical Memory | 36,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 7,06 Gb Free Space | 18,94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YYY-01F38B89B5A
Current User Name: xxx
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.03.19 15:49:57 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
PRC - [2010.03.01 20:02:58 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.03.01 20:02:56 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.02.21 00:36:55 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.05.18 12:15:10 | 000,411,288 | ---- | M] () -- C:\Program Files\Seznam.cz\postak.exe
PRC - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 07:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.10.05 15:01:26 | 007,430,144 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008.10.05 15:01:24 | 007,434,240 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2006.11.17 16:54:00 | 001,552,384 | ---- | M] (D-Link) -- C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
PRC - [2006.08.03 03:19:18 | 000,639,040 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\ZCfgSvc.exe
PRC - [2006.08.03 03:16:08 | 000,426,051 | ---- | M] (Intel Corporation ) -- C:\WINDOWS\system32\S24EvMon.exe
PRC - [2006.08.03 03:14:14 | 000,389,186 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\1XConfig.exe
PRC - [2006.08.03 03:13:32 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\RegSrvc.exe
PRC - [2006.06.29 17:34:20 | 000,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2005.10.28 16:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.07.15 16:36:54 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2001.10.25 15:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe

========== Modules (SafeList) ==========

MOD - [2010.03.19 15:49:57 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
MOD - [2004.08.17 14:48:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.03.01 20:02:56 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.12.21 15:16:13 | 000,074,360 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2006.08.03 03:16:08 | 000,426,051 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\WINDOWS\system32\S24EvMon.exe -- (S24EventMonitor)
SRV - [2006.08.03 03:13:32 | 000,122,880 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\RegSrvc.exe -- (RegSrvc)
SRV - [2006.07.03 15:22:58 | 000,049,152 | ---- | M] (Alpha Networks Inc.) [Auto | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2004.08.17 14:49:16 | 000,086,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2003.04.29 14:29:54 | 000,139,264 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2002.07.15 16:36:54 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2001.10.25 15:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)

========== Driver Services (SafeList) ==========

DRV - [2010.03.01 20:02:56 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.11.25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.10.31 07:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.06.21 04:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 04:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.06.20 10:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2006.08.03 13:11:32 | 000,010,970 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006.07.13 12:33:00 | 000,674,560 | R--- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w70n51.sys -- (w70n51) Intel(R)
DRV - [2005.12.11 11:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005.11.03 20:39:02 | 000,245,504 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2004.11.08 13:06:00 | 000,007,040 | ---- | M] (EnE Technology Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ENECBPTH.SYS -- (ENECBPTH)
DRV - [2004.11.08 13:05:54 | 000,072,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMCR7SK.sys -- (EMCR)
DRV - [2004.11.08 13:05:16 | 000,786,944 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002.09.17 18:12:38 | 000,809,872 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (TOSHIBASoftModem)
DRV - [2001.10.24 13:04:44 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ÄŚSFD"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.21 09:15:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.21 00:37:06 | 000,000,000 | ---D | M]

[2009.01.05 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions
[2009.01.05 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\vo3wmw0t.default\extensions
[2010.02.21 00:37:39 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\vo3wmw0t.default\searchplugins\icq-search.xml
[2010.02.21 08:18:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\vo3wmw0t.default\searchplugins\icqplugin.xml
[2010.01.02 10:18:11 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\vo3wmw0t.default\searchplugins\sfd.xml
[2010.03.19 15:36:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.09 14:27:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.11.13 18:04:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.11.13 18:04:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.11.13 18:04:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.11.13 18:04:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.11.13 18:04:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll ()
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe (Intel Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\postak.exe ()
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\xxx\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.196.209.2 192.168.0.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\Sebring: DllName - C:\WINDOWS\system32\LgNotify.dll - C:\WINDOWS\system32\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xxx\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xxx\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.18 16:19:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.19 15:49:57 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2010.03.19 15:47:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.03.19 15:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.03.19 15:32:42 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.19 14:15:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xxx\Recent
[2010.03.17 17:35:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.03.14 22:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\dvdcss
[2010.03.13 19:54:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\vlc
[2010.03.13 19:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.03.01 20:02:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Spyware Terminator
[2010.03.01 20:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.03.01 20:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.02.25 16:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Plocha\Nová složka
[2010.02.20 10:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.02.20 10:56:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Boss Media
[2010.02.20 10:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\ParadisePoker
[2008.12.18 19:07:49 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2008.12.18 16:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.12.18 16:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.12.18 16:18:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2008.12.18 16:18:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.03.19 15:49:57 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2010.03.19 15:32:17 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\RSIT.exe
[2010.03.19 15:24:28 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010.03.19 15:23:53 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{1AF29358-B0CC-41A0-815A-8F08428DF50B}
[2010.03.19 15:23:44 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2010.03.19 15:23:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.19 15:23:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.19 15:19:18 | 002,883,584 | -H-- | M] () -- C:\Documents and Settings\xxx\NTUSER.DAT
[2010.03.19 15:19:18 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\xxx\ntuser.ini
[2010.03.18 15:41:45 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{EF050F9B-0C10-43C4-A467-E9BED3998E8F}
[2010.03.18 15:38:54 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{3025FFD3-B282-4064-AA5A-BC54E306D552}
[2010.03.18 14:48:43 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.17 17:32:38 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{52382E82-3F46-433F-BA10-0C51B6DC0476}
[2010.03.17 17:28:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.14 21:20:12 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.13 19:53:47 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.03.13 19:37:21 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\xxx\default.pls
[2010.03.11 17:39:37 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.03.11 16:13:22 | 002,279,345 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Klasik 103(2)(2).dwg
[2010.03.10 21:57:38 | 002,279,345 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Klasik 103(2)(2).bak
[2010.03.07 13:04:51 | 000,005,424 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\česťa 2.pdf
[2010.03.07 13:03:10 | 000,015,830 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\česťa.pdf
[2010.03.06 10:37:11 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.06 10:37:10 | 000,379,806 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.06 10:37:10 | 000,062,336 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.06 10:37:10 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.06 10:37:08 | 000,884,654 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.01 20:02:56 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.03.01 09:08:25 | 001,122,188 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Dořičák Pavel.dwg
[2010.03.01 08:56:45 | 000,046,892 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Dořičák.doc
[2010.02.28 13:49:20 | 001,075,458 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Dořičák Pavel.bak
[2010.02.27 20:20:54 | 000,410,653 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\pristresek.dwg
[2010.02.27 20:13:45 | 001,080,367 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\hikel.bak
[2010.02.26 16:49:28 | 000,157,878 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\VYKRESY.bak
[2010.02.23 19:19:58 | 000,061,039 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\TZ Gorsky.doc
[2010.02.20 10:55:43 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\ParadisePoker.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.19 15:32:10 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\RSIT.exe
[2010.03.13 19:53:47 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.03.07 13:04:51 | 000,005,424 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\česťa 2.pdf
[2010.03.07 13:03:08 | 000,015,830 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\česťa.pdf
[2010.03.01 20:02:56 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.02.27 20:20:54 | 000,410,653 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\pristresek.bak
[2010.02.27 20:17:42 | 001,075,458 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Dořičák Pavel.bak
[2010.02.27 20:16:43 | 001,080,367 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\hikel.bak
[2010.02.27 20:14:10 | 001,122,188 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Dořičák Pavel.dwg
[2010.02.26 22:32:37 | 000,157,878 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\VYKRESY.bak
[2010.02.23 19:20:34 | 000,046,892 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Dořičák.doc
[2010.02.20 10:55:43 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\ParadisePoker.lnk
[2009.04.17 15:54:39 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.03.02 11:07:10 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2008.12.22 16:45:26 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.12.22 16:31:15 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.22 16:31:13 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.22 15:53:41 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.12.21 15:15:38 | 000,000,123 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\fusioncache.dat
[2008.12.18 19:19:15 | 000,121,905 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2008.12.18 19:19:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2008.12.18 19:19:15 | 000,008,831 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2008.12.18 19:19:15 | 000,006,793 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2008.12.18 19:07:49 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2006.08.03 03:24:08 | 000,045,124 | ---- | C] () -- C:\WINDOWS\System32\LsaWrApi.dll
[2006.08.03 03:16:54 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\ShellNav.dll
[2006.08.03 03:15:16 | 000,528,453 | ---- | C] () -- C:\WINDOWS\System32\C1XStngs.dll
[2006.08.03 03:14:18 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\D8021Xps.dll
[2005.01.13 03:00:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.01.13 03:00:10 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2004.07.17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004.03.01 07:53:21 | 000,729,088 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003.09.30 11:47:47 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2003.09.30 11:47:47 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003.09.30 11:47:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.09.30 11:47:47 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003.09.30 11:47:46 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2003.09.30 11:47:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
< End of report >

#8 Příspěvek od **Caroprd111** » 19 bře 2010 16:13

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
Během skenování může být počítač restartován.

pethol · #9 Příspěvek od **pethol** » 19 bře 2010 16:55

ComboFix 10-03-18.02 - xxx 19.03.2010 16:34:42.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.151 [GMT 1:00]
Spuštěný z: c:\documents and settings\xxx\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100317-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ieuinit.inf

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP

((((((((((((((((((((((((( Soubory vytvořené od 2010-02-19 do 2010-03-19 )))))))))))))))))))))))))))))))
.

2010-03-19 14:32 . 2010-03-19 14:33 -------- d-----w- c:\program files\trend micro
2010-03-19 14:32 . 2010-03-19 14:33 -------- d-----w- C:\rsit
2010-03-17 16:35 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-13 18:52 . 2010-03-13 18:52 -------- d-----w- c:\program files\VideoLAN
2010-03-01 19:02 . 2010-03-01 19:02 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-03-01 19:02 . 2010-03-01 19:10 -------- d-----w- c:\program files\Spyware Terminator
2010-02-20 09:54 . 2010-03-06 18:33 -------- d-----w- c:\program files\ParadisePoker

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-19 14:48 . 2009-03-19 16:36 -------- d-----w- c:\program files\Lavasoft
2010-03-06 09:37 . 2001-10-25 14:00 62336 ----a-w- c:\windows\system32\perfc005.dat
2010-03-06 09:37 . 2001-10-25 14:00 379806 ----a-w- c:\windows\system32\perfh005.dat
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:42 . 2004-08-17 13:49 663040 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2009-05-18 411288]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-01 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 339968]
"ZCfgSvc.exe"="c:\windows\system32\ZCfgSvc.exe" [2006-08-03 639040]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2005-07-07 135168]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"D-Link AirPlus G"="c:\program files\D-Link\AirPlus G\AirGCFG.exe" [2006-11-17 1552384]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2006-06-29 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\xxx\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2006-08-03 02:20 188482 ----a-w- c:\windows\system32\LgNotify.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\xxx\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5.1.2009 17:26 114768]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [5.1.2009 18:18 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [1.3.2010 20:02 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.1.2009 17:26 20560]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 EMCR;EMCR;c:\windows\system32\drivers\EMCR7SK.sys [18.12.2008 19:07 72064]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [5.1.2009 18:18 65576]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Obsah adresáře 'Naplánované úlohy'

2010-03-19 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\vo3wmw0t.default\
FF - prefs.js: browser.search.selectedEngine - ÄŚSFD
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-19 16:47
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1936)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LgNotify.dll

- - - - - - - > 'explorer.exe'(1048)
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\S24EvMon.exe
c:\windows\system32\1XConfig.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\RegSrvc.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2010-03-19 16:54:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-19 15:54

Před spuštěním: 7 526 543 360
Po spuštění: 7 437 398 016

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 9FDBE4AB4588B33E70FB29E56699606F

#10 Příspěvek od **Caroprd111** » 19 bře 2010 16:58

Jak se chová PC

pethol · #11 Příspěvek od **pethol** » 19 bře 2010 17:14

pomalý start, najede plocha a než se všechno rozjede a jde něco zpustit tak to celkem trva a zamrza ...

je to čisté?

#12 Příspěvek od **Caroprd111** » 19 bře 2010 17:15

Ještě to prověříme.

Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
Log vložte sem.

pethol · #13 Příspěvek od **pethol** » 19 bře 2010 18:41

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3885
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

19.3.2010 18:41:06
mbam-log-2010-03-19 (18-41-06).txt

Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 155151
Uplynulý čas: 47 minute(s), 21 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

#14 Příspěvek od **Caroprd111** » 19 bře 2010 19:42

Pokračujte podle návodu AVPTool http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

VIRY.CZ

Prosím o kontrolu logu, pomalý start pc ...

Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...

Re: Prosím o kontrolu logu, pomalý start pc ...